SHA1 cracked .... What are the chances this will be addressed in LC?
Peter TB Brett
peter.brett at livecode.com
Mon Mar 6 05:53:50 EST 2017
On 03/03/2017 18:00, Bob Sneidar via use-livecode wrote:
> It looks like the encrypt command is already using this method if
> the "with salt" arguement is provided? At least the encrypted result
> starts with "salted" and at least part of the salt value.
>
Hi Bob,
The "encrypt" command provides symmetric cryptographic functions, i.e.
you can decrypt the result again to get the cleartext back. This is
_not_ a desirable property for a password storage system; you should
always use one-way (asymmetric) functions, such as a cryptographic hash.
Peter
--
Dr Peter Brett <peter.brett at livecode.com>
lcb-mode for Emacs: https://github.com/peter-b/lcb-mode
More information about the use-livecode
mailing list